Skip to content

Commit

Permalink
fix: Perform validations on file path operations
Browse files Browse the repository at this point in the history 
Signed-off-by: jay-dee7 <[email protected]>
  • Loading branch information
@jay-dee7
jay-dee7 committed Aug 31, 2024
1 parent 4a48624 commit aacc672
Show file tree
Hide file tree
Showing 6 changed files with 72 additions and 9 deletions.
33 changes: 33 additions & 0 deletions dfs/mock/memMappedSystem.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,10 @@ func (ms *memMappedMockStorage) UploadPart(
content io.ReadSeeker,
contentLength int64,
) (s3types.CompletedPart, error) {
if err := ms.validateLayerKey(layerKey); err != nil {
return s3types.CompletedPart{}, err
}

fd, err := ms.memFs.OpenFile(layerKey, os.O_RDWR|os.O_CREATE, os.ModePerm)
if err != nil {
return s3types.CompletedPart{}, err
Expand Down Expand Up @@ -108,6 +112,10 @@ func (ms *memMappedMockStorage) CompleteMultipartUpload(
}

func (ms *memMappedMockStorage) Upload(ctx context.Context, identifier, digest string, content []byte) (string, error) {
if err := ms.validateLayerKey(identifier); err != nil {
return "", err
}

fd, err := ms.memFs.Create(identifier)
if err != nil {
return "", err
Expand Down Expand Up @@ -178,7 +186,23 @@ func (ms *memMappedMockStorage) Metadata(layer *types.ContainerImageLayer) (*typ
}, nil
}

func (ms *memMappedMockStorage) validateLayerKey(identifier string) error {
if len(identifier) <= LayerKeyPrefixLen || identifier[0:LayerKeyPrefixLen] != LayerKeyPrefix {
return fmt.Errorf(
"invalid layer prefix. Found: %s, expected: %s",
identifier[0:LayerKeyPrefixLen],
LayerKeyPrefix,
)
}

return nil
}

func (ms *memMappedMockStorage) GetUploadProgress(identifier, uploadID string) (*types.ObjectMetadata, error) {
if err := ms.validateLayerKey(identifier); err != nil {
return nil, err
}

fd, err := ms.memFs.Open(identifier)
if err != nil {
return nil, err
Expand Down Expand Up @@ -209,6 +233,10 @@ func (ms *memMappedMockStorage) GeneratePresignedURL(ctx context.Context, key st
}

func (ms *memMappedMockStorage) AbortMultipartUpload(ctx context.Context, layerKey string, uploadId string) error {
if err := ms.validateLayerKey(layerKey); err != nil {
return err
}

if err := ms.memFs.Remove(layerKey); err != nil {
return err
}
Expand All @@ -228,6 +256,11 @@ func (ms *memMappedMockStorage) FileServer() {

e.Add(http.MethodGet, "/:uuid", func(ctx echo.Context) error {
fileID := ctx.Param("uuid")
if err := ms.validateLayerKey(fileID); err != nil {
return ctx.JSON(http.StatusBadRequest, echo.Map{
"error": err.Error(),
})
}
fd, err := ms.memFs.Open(fileID)
if err != nil {
return ctx.JSON(http.StatusBadRequest, echo.Map{
Expand Down
8 changes: 5 additions & 3 deletions dfs/mock/mock.go
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
package mock

import (
"github.com/fatih/color"

"github.com/containerish/OpenRegistry/config"
"github.com/containerish/OpenRegistry/dfs"
"github.com/containerish/OpenRegistry/telemetry"
"github.com/fatih/color"
)

func NewMockStorage(
Expand All @@ -27,6 +28,7 @@ func NewMockStorage(
}

const (
MockFSPath = ".mock-fs"
LayerKeyPrefix = "layers"
MockFSPath = ".mock-fs"
LayerKeyPrefix = "layers"
LayerKeyPrefixLen = len(LayerKeyPrefix) // to account for trailing slash
)
25 changes: 24 additions & 1 deletion dfs/mock/mockFileSystem.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ func newFileBasedMockStorage(
_ = os.MkdirAll(MockFSPath, os.ModePerm)
_ = os.MkdirAll(fmt.Sprintf("%s/%s", MockFSPath, LayerKeyPrefix), os.ModePerm)
mocker := &fileBasedMockStorage{
fs: afero.NewBasePathFs(afero.NewOsFs(), ".mock-fs"),
fs: afero.NewBasePathFs(afero.NewOsFs(), MockFSPath),
uploadSession: make(map[string]string),
config: cfg,
serviceEndpoint: net.JoinHostPort(parsedHost.Hostname(), "5002"),
Expand Down Expand Up @@ -87,6 +87,10 @@ func (ms *fileBasedMockStorage) UploadPart(
content io.ReadSeeker,
contentLength int64,
) (s3types.CompletedPart, error) {
if err := ms.validateLayerKey(layerKey); err != nil {
return s3types.CompletedPart{}, err
}

fd, err := ms.fs.OpenFile(layerKey, os.O_RDWR|os.O_CREATE, os.ModePerm)
if err != nil {
return s3types.CompletedPart{}, err
Expand Down Expand Up @@ -120,7 +124,22 @@ func (ms *fileBasedMockStorage) CompleteMultipartUpload(
return layerKey, nil
}

func (ms *fileBasedMockStorage) validateLayerKey(identifier string) error {
if len(identifier) <= LayerKeyPrefixLen || identifier[0:LayerKeyPrefixLen] != LayerKeyPrefix {
return fmt.Errorf(
"invalid layer prefix. Found: %s, expected: %s",
identifier[0:LayerKeyPrefixLen],
LayerKeyPrefix,
)
}

return nil
}

func (ms *fileBasedMockStorage) Upload(ctx context.Context, identifier, digest string, content []byte) (string, error) {
if err := ms.validateLayerKey(identifier); err != nil {
return "", err
}
if err := ms.validateLayerPath(identifier); err != nil {
return "", err
}
Expand Down Expand Up @@ -195,6 +214,10 @@ func (ms *fileBasedMockStorage) Metadata(layer *types.ContainerImageLayer) (*typ
}

func (ms *fileBasedMockStorage) GetUploadProgress(identifier, uploadID string) (*types.ObjectMetadata, error) {
if err := ms.validateLayerKey(identifier); err != nil {
return nil, err
}

fd, err := ms.fs.Open(identifier)
if err != nil {
return nil, err
Expand Down
3 changes: 2 additions & 1 deletion main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,11 @@ import (
"os"
"strings"

"github.com/urfave/cli/v2"

"github.com/containerish/OpenRegistry/cmd/extras"
"github.com/containerish/OpenRegistry/cmd/migrations"
"github.com/containerish/OpenRegistry/cmd/registry"
"github.com/urfave/cli/v2"
)

var (
Expand Down
4 changes: 2 additions & 2 deletions registry/v2/registry.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,15 +112,15 @@ func (r *registry) Catalog(ctx echo.Context) error {
var pageSize int
var offset int
if queryParamPageSize != "" {
ps, err := strconv.ParseInt(ctx.QueryParam("n"), 10, 64)
ps, err := strconv.Atoi(ctx.QueryParam("n"))
if err != nil {
echoErr := ctx.JSON(http.StatusBadRequest, echo.Map{
"error": err.Error(),
})
r.logger.Log(ctx, err).Send()
return echoErr
}
pageSize = int(ps)
pageSize = ps
}

if queryParamOffset != "" {
Expand Down
8 changes: 6 additions & 2 deletions telemetry/log.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,12 @@ import (
"time"

"github.com/axiomhq/axiom-go/axiom"
"github.com/containerish/OpenRegistry/config"
"github.com/containerish/OpenRegistry/types"
"github.com/fatih/color"
"github.com/labstack/echo/v4"
"github.com/rs/zerolog"

"github.com/containerish/OpenRegistry/config"
"github.com/containerish/OpenRegistry/types"
)

type Logger interface {
Expand Down Expand Up @@ -55,6 +56,9 @@ func setupLogger(config config.Logging) zerolog.Logger {
TimeFormat: time.RFC3339,
}

if !config.Enabled {
return zerolog.Nop()
}
l = l.Output(consoleWriter)

if config.RemoteForwarding {
Expand Down

0 comments on commit aacc672

Please sign in to comment.